It for olad software. The Open Lighting Project’s goal is to provide high quality, open source lighting control software for the entertainment lighting industry. For more info see:
Dont know why I couldnt find it. Thanks a lot. I try not to post trivial things I can solve myself, I found OpenDNS to have strange missing search results in the past. Must be that.
I think it is malicious software with a valid application name
The software was clearly not installed as it refers to an installation folder that is non existing and given that it uses all resources at 4am in the morning.
$ ls /usr/lib/olad
ls: cannot access ‘/usr/lib/olad’: No such file or directory
The geoclue seems suspicious, but even if it wasnt, I dont know why it rerports folders that do not exist etc.
That looks really suspicious as it usually means a valid name process, but hijacked by something else. Another option is just misconfiguration by the distro packagers.
I removed everything that looked suspicious, and then see if I get trouble down the line. Usually I get no trouble, so I can only say that it is
suspicious in origin.
Usually thsese things are benign misconfigurations, but better to overreact in this case and assume suspicious.
Are you using ubuntu? If so look for `/usr/lib/geoclue.
It looks like a bad idea to have that running on a server or desktop without the need for gps. Cant see the benefit to the user.
On Debian stretch geoclue is an option installed as package name geoclue-2.0 but not installed by default.
I wont consider it necessary at all unless you make a life out of gps and location aware applications.
Non zero (non root) account created for security reasons. Usually used in background by cron jobs and other services. This is a security feature and not a strange way of doing stuff under Linux or Unix-like systems.
The reason it appears peculiar is that a non-standard user name _apt is created to avoid giving two normally empty directories root access.
For some strange reason I don’t have a user called apt in my /etc/passwd - so why create _apt, when apt was already available for this purpose.
apt is a command and not a user. apt command run by root user by typing the command such as sudo apt update && sudo apt upgrade.
_apt is a user created in /etc/passwd for running background jobs, downloading files safety from the internet and so on:
grep _apt /etc/passwd
You can see file permissions using:
ls -ld /var/cache/apt/archives/partial
ls -ld /var/lib/apt/lists/partial
You can confirm that _apt user created by apt package by running:
grep -B2 -A2 _apt /var/lib/dpkg/info/apt.postinst
# add unprivileged user for the apt methods
adduser --force-badname --system --home /nonexistent \
--no-create-home --quiet _apt || true
# Fixup any mistake in the home directory of the _apt user
if dpkg --compare-versions "$2" lt-nl 1.1~exp10~; then
usermod --home /nonexistent _apt
fi
In short, nothing bad is going on there. You just don’t know where to lookup for info. HTH